OT. EBAY hacked.

Page 2 of 2  


Here is some of the text of the hack notice on eBay's home page:
"On Wednesday, we announced that we are asking all eBay users to change their password. This is because of a cyberattack that compromised our eBay user database, which contained your encrypted password.
"Because your password is encrypted (even we dont know what it is), we believe your eBay account is secure. But we dont want to take any chances. We take security on eBay very seriously, and we want to ensure that you feel safe and secure buying and selling on eBay. So we think its the right thing to do to have you change your password. And we want to remind you that its a good idea to always use different passwords for different sites and accounts. If you used your eBay password on other sites, we are encouraging you to change those passwords, too."
--
Tegger

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 5/22/2014 7:11 AM, Tegger wrote:

This kinda pisses me off. I like Ebay, I really and truly do, and have used it extensively for many, many years.
It doesn't bother me that they continually send me special offers to sell items at a discount or free commission (I rarely sell on Ebay) and it doesn't bother me that they will continually tell me that some "consumable" I bought three months ago can be had once again.
What DOES bother me is that they have an incident like this and, apparently, unless you have a browser with Java active (and it's somewhat ironic that Java itself is often a security problem so many disable it)and up to date, you don't get the message. I logged in to my account this morning and... NO WARNING! I checked my Ebay message center and... NO WARNING! I looked around their security page, etc. and... Yep, NO WARNING!
I saw no warning whatsoever on the website until I, like Doug swapped out my password. Only then did I get a pop up box that referred to the breach and suggested that I change my password. No shit, Sherlock, that's exactly what I intended to do but you couldn't send me an email alert like you do several times a week trying to spur activity on your website? (and I did go back and sort through the trash bin... not a peep about the breach from them).
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

I never get offers on the webpage. I don't think I get them by mail either.

You still have a good point. One can go months without logging into ebay, but only days without reading email.

What might happen to me if I don't. Apparently they still won't have my paypal login or password, and it's hard to get them to ship anywhere but my own home, so what can hackers do to me? Buy something but not pay for it?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Think about it a bit... if they can log in as you, they can change the ship-to address.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Thu, 22 May 2014 13:34:47 +0000 (UTC), Doug Miller

If you've ever tried to change the ship-to address, it's not that easy. It has to match the address on the charge card or maybe be grandfathered in if used before they had that matching rule.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

The situation has been discussed on a number of blogs and several nation news stations. Not to mention a few private list I sub to on the subject.
True or not the simplest solution is to go to eBay's web site and manually change your PW. Do/don't take the precautions -- your money/your options.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
"Dean Hoffman >" wrote:

As soon as I read about it, I changed my PW.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 5/22/14 8:12 AM, micky wrote:

PC World. There are about three articles there regarding the Ebay hack. The one I read yesterday said hackers can cause mischief just by getting the unencrypted info like name, address etc.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 5/22/2014 9:26 PM, Dean Hoffman > wrote:

But probably not as much mischief as you or I could cause just closely following some Twitter or Facebook feeds. It's unbelievable the crap that some people post there.<g>
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Terry Coombs wrote:

The IT oriented blogs are giving eBay awards for the suckiest handling of a security breach yet. The news was all over The Register, Betanews, and Slashdot before eBay got around to putting a lame suggestion that you might want to change your password on their homepage.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
I believe the whole story about the heartbleed bug and now the hacked ebay profiles is a way to provoke users to change their passwords. My theory is that NSA is prepared for a mass password change.. I hope I'm wrong..
--
callumj85

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

I'll add that if you use the eBay app on an iPad, the Password Update message is there, but only if you scroll down to the bottom of the app's home page. That is not typically what a user needs to do, at least not me, so I didn't see the message until I decided to actually look for it based on this discussion.
I changed my password on the main site through FF only after hearing about it in this forum. At the time I changed it, there was no message on the home page. As others have said, the only time I saw the message was when I was already on the password change screen. That's just a tad too late.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
alt.home.repair:

I changed my password early this morning. There was a large notice at the top of the main page before I changed it, and that notice is still there now, plus a highlighted button at the top:
http://rednoise.x10host.com/temp/ebay1.png
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Related Threads

    HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.